Legal
Last updated: May 2026 · Effective immediately
The short version: InMailAI does not sell your data, does not run ads, and does not store LinkedIn profile data. We collect only what is necessary to make the product work and to prevent abuse of our free tier.
InMailAI ("we", "our", "us") is a Chrome browser extension and associated backend service that helps sales professionals generate AI-powered prospect summaries, outreach messages, and find work email addresses directly within LinkedIn.
This Privacy Policy explains what information we collect, how we use it, and what rights you have. By installing and using InMailAI, you agree to the practices described here.
We collect the minimum information necessary to provide the service:
Account information
When you create an InMailAI account, we collect your email address and a hashed password (stored securely by Supabase). We do not collect your name, phone number, or any other personal information at signup.
Usage data
We track the number of AI calls and email lookups you make per month to enforce your plan limits. We do not track which LinkedIn profiles you visit or which messages you generate.
Authentication tokens
When you sign in, a JWT is stored in your browser's extension storage (chrome.storage.local). It is stored only on your device and never sent to third parties.
Server logs
Our backend automatically generates standard server logs including request timestamps, API endpoints called, and HTTP response codes. These logs do not include the content of your prompts or generated messages. Logs are retained for 30 days.
We use the data we collect for the following purposes only:
We do not use your data for advertising, profiling, or sale to third parties. Ever.
InMailAI uses the following third-party services. Each has its own privacy policy:
Supabasesupabase.com
Stores your account email address and usage counters. Data stored in EU region.
Privacy Policy →Groqgroq.com
Processes AI requests. Profile data is sent to generate the response and not retained. Groq does not train models on API inputs.
Privacy Policy →Hunter.iohunter.io
Used for email finding. The person's name and company domain are sent to Hunter.
Privacy Policy →Stripe / Razorpaystripe.com / razorpay.com
Process subscription payments. We share only what is necessary for payment processing.
Privacy Policy →We do not share your data with any other third parties.
Your account data is stored in Supabase's secure PostgreSQL database with row-level security — meaning our application can only access your own data, never another user's.
Your authentication token is stored in chrome.storage.local— a sandboxed storage area accessible only to the InMailAI extension. No website, including LinkedIn, can read this data.
All communication between the extension and our backend uses HTTPS (TLS 1.2+). We do not transmit data over unencrypted connections.
We retain account data for as long as your account is active. If you delete your account, we delete your data within 30 days.
To exercise any of these rights, email privacy@inmailai.com. We respond within 14 business days.
InMailAI reads only the publicly visible LinkedIn page you are currently viewing. We do not:
All AI generation and message drafting is done by you, the user — InMailAI assists but does not automate.
InMailAI is intended for adults (18+) in a professional context. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information from a minor, please contact privacy@inmailai.com immediately.
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date and, for material changes, notify you by email or by displaying a notice in the extension.
Continued use after changes are posted constitutes acceptance of the updated policy.
For questions, concerns, or data requests:
InMailAI Privacy Team
Email: privacy@inmailai.com
General: hello@inmailai.com
Website: inmailai.com
We respond to all privacy-related enquiries within 14 business days.